CVE-2025-39202 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-39202 PUBLISHED CVSS 8.300000190734863 HIGH

A vulnerability exists in in the Monitor Pro interface of the MicroSCADA X SYS600 product. An authenticated user with low privileges can see and overwrite files causing information leak and data corruption.

EPSS 0.05% · 14.9th percentile

Risk Scores

CVSS v4.0

8.300000190734863

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:H/SA:H

EPSS Score

0.05%

14.9th percentile

Affected Products

Vendor	Product	Versions
Hitachi Energy	MicroSCADA X SYS600	10.0
hitachienergy	microscada_x_sys600	10.0

Timeline

Jun 24, 2025 EPSS Score
Jun 24, 2025 Coalition ESS Score
Jun 24, 2025 Coalition ESS Score
Jun 24, 2025 CVE Published
Jun 25, 2025 CVE Updated
Jun 26, 2025 Coalition ESS Score
Jul 3, 2025 EPSS Score
Jul 3, 2025 PoC Published
Jul 13, 2025 EPSS Score
Jul 22, 2025 EPSS Score
Jul 23, 2025 Coalition ESS Score
Aug 1, 2025 EPSS Score

References

Open in Interactive Console →